package com.zhubg.bingo.admin.config;

import com.zhubg.bingo.admin.security.JwtAuthenticationFilter;
import com.zhubg.bingo.admin.security.JwtAuthenticationProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler;

/**
 * @author zhubg
 * @title: WebSecurityConfig
 * @projectName bingo-pom
 * @description: TODO
 * @date 2019-09-28-17:52
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    public void configure(AuthenticationManagerBuilder auth){
        //使用自定义身份验证组件
        auth.authenticationProvider(new JwtAuthenticationProvider(userDetailsService));

    }


    protected void configure(HttpSecurity http){

        try {
            http.cors().and().csrf().disable().authorizeRequests()

                    .antMatchers(HttpMethod.OPTIONS,"/**").permitAll()

                    .antMatchers("/webjars/**").permitAll()

                    .antMatchers("/druid/**").permitAll()

                    .antMatchers("/").permitAll().antMatchers("/login").permitAll()

                    .antMatchers("/swagger-ui.html").permitAll()

                    .antMatchers("/swagger-resources/**").permitAll()

                    .antMatchers("/v2/api-docs").permitAll()

                    .antMatchers("/webjars/springfox-swagger-ui/**").permitAll()

                    .antMatchers("/captcha.jpg**").permitAll()

                    .antMatchers("/actuator/**").permitAll()

                    .anyRequest().authenticated();


            http.logout().logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());

            http.addFilterBefore(new JwtAuthenticationFilter(authenticationManager()),UsernamePasswordAuthenticationFilter.class);


        } catch (Exception e) {
            e.printStackTrace();
        }
    }


    @Bean
    @Override
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }


}
